<%@ page import="java.sql.Connection" %>
<%@ page import="Dao.BaseDao" %>
<%@ page import="java.sql.Statement" %>
<%@ page import="java.sql.ResultSet" %>
<%@ page import="java.sql.SQLException" %>
<%@ page import="jakarta.servlet.http.Cookie" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>留言显示页面</title>
    <link rel="stylesheet" href="table.css">
    <!--检测是否非法访问-->
    <%
        Cookie cookie[] = request.getCookies();
        String uname = null;
        String uid = null;
        for (int i = 0; i < cookie.length; i++) {
            if (cookie[i].getName().equals("uname")) {
                uname = cookie[i].getValue();
            }
            if (cookie[i].getName().equals("uid")) {
                uid = cookie[i].getValue();
            }
        }
        if (uname == null || uname.equals("")) {
            out.println("<script>alert('非法访问，正在返回登录界面')</script>");
            response.setHeader("refresh", "0;URL=login.jsp");
        }
        if (uid == null || uid.equals("")) {
            out.println("<script>alert('非法访问，正在返回登录界面')</script>");
            response.setHeader("refresh", "0;URL=login.jsp");
        }
    %>
</head>
<body>
<div align="right">
    <text>用户：<%=uname%>
    </text>
    <a href="user.jsp">个人中心</a>
    <a href="logout.jsp">退出</a>
</div>
<table>
    <thead>
    <tr>
        <form action="" method="post">
            <td colspan="6">
                <select name="linename">
                    <option value="mid">消息编号</option>
                    <option value="title">标题</option>
                    <option value="author">用户名</option>
                </select>
                <input type="text" name="text" size="30px">
                <input type="submit" value="查询"></td>
        </form>
    </tr>
    </thead>
    <tbody>
    <tr>
        <td colspan="6"><h3>查询到的留言</h3></td>
        <!--添加信息的区域-->
        <td colspan="3" rowspan="3">
            <table>
                <tr>
                    <td><h3>发布留言：</h3></td>
                </tr>
                <tr>
                    <td>标题</td>
                    <td>内容</td>
                </tr>
                <form action="addmessage.jsp" method="post">
                    <input type ="hidden" name="add-uname" value="<%=uname%>">
                    <tr>
                        <td><input type="text" name="add-title" size="8px"></td>
                        <td rowspan="2"><input type="text" name="add-content" size="18px" maxlength="1000"></td>
                        <td rowspan="2"><input type="submit" value="添加"></td>
                    </tr>
                </form>
            </table>
        </td>
    </tr>
    <tr>
        <td>编号</td>
        <td>标题</td>
        <td>用户名</td>
        <td>内容</td>
    </tr>
    <!--查询信息，以及删除和修改链接-->
        <%
        String linename = request.getParameter("linename");
        String text = request.getParameter("text");
        try {
            String SQL_SELECT;
            if (text == null || text.equals("")) {
                SQL_SELECT = "select * from talk_with_friends.message ;";
            } else {
                SQL_SELECT = "select * from talk_with_friends.message where " + linename + " = '" + text + "';";
            }
            //连接数据库，获得连接对象
            Connection conn = BaseDao.getConnection();
            //搭建执行环境
            Statement statement = conn.createStatement();
            //执行sql的查询语句，得到结果集
            ResultSet result = statement.executeQuery(SQL_SELECT);
            while (result.next()) {
                out.println("<tr><td width=\"80px\">" + result.getInt("mid") + "</td><td width=\"80px\">" + result.getString("title") +
                        "</td><td width=\"70px\">" + result.getString("author") + "</td><td width=\"550px\">" + result.getString("content") +
                        "</td><td width=\"50px\"><a href=\"updatemessage.jsp?mid=" + result.getInt("mid") + "\">修改</a>" +
                        "</td><td width=\"50px\"><a href=\"deletemessage.jsp?mid=" + result.getInt("mid") + "\">删除</a></td></tr>");
            }
            out.println("<tr><td>无后续数据</td></tr>");
        } catch (SQLException e) {
            throw new RuntimeException(e);
        }
    %>
</table>
</body>
</html>